4c536a8728b5a2207332856d9aea7be3be41f0b2a921c049a73894e371ca6cb0

Sharing

Copy URL

Twitter E-mail

General

Target

4c536a8728b5a2207332856d9aea7be3be41f0b2a921c049a73894e371ca6cb0
Size

341KB
MD5

c8a7a319ce6c507a8fa2b90c201c728e
SHA1

d0683f663b502598c4f2c543cb1c2554eebd6e61
SHA256

4c536a8728b5a2207332856d9aea7be3be41f0b2a921c049a73894e371ca6cb0
SHA512

98c46849126cf94a3a9ac7c0c7e6525f44e2b46b77d6700e7c0adc61054b78f9cdc3d7bddecaf1ed4922d5f5af8c0426396ee26dcb31970225523118666864fc
SSDEEP

6144:W+ZZele5HmgeO+VOL2GN3GILw0+IZTlytnz9Bmo9rjJ:zme5Gw+Y/24w0+MlyXVr

Score

N/A

Malware Config

Signatures

Files

4c536a8728b5a2207332856d9aea7be3be41f0b2a921c049a73894e371ca6cb0
.exe windows x86

43e278f16a0af72a27361ea15a7b9291

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetModuleHandleW
GetSystemDirectoryA
ReadConsoleA
GetProcAddress
LoadLibraryA
GetTempPathW
GlobalAlloc
IsProcessorFeaturePresent
GetConsoleAliasExesLengthW
GetLastError
GetComputerNameA
GetConsoleAliasW
GetDefaultCommConfigW
WaitForMultipleObjects
GetTapeParameters
EnumTimeFormatsW
GetConsoleSelectionInfo
FindClose
GetTickCount
GetLongPathNameW
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
DecodePointer
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FatalAppExitA
HeapCreate
HeapDestroy
ExitProcess
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RaiseException
SetStdHandle
Sleep
RtlUnwind
SetFilePointer
WriteConsoleW
MultiByteToWideChar
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
LCMapStringW
GetStringTypeW
HeapReAlloc
CreateFileW
HeapSize
ReadFile
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

advapi32

ReportEventA
AccessCheckByTypeResultListAndAuditAlarmA

Exports

Exports

_MyFunc124@4

Sections

.text
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jekun
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43e278f16a0af72a27361ea15a7b9291

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 225KB - Virtual size: 224KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 5.0MB

.jekun Size: 1KB - Virtual size: 1KB

.rsrc Size: 56KB - Virtual size: 56KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 225KB - Virtual size: 224KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 5.0MB

.jekun
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 56KB - Virtual size: 56KB

.reloc
Size: 17KB - Virtual size: 17KB